Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fbc260fc-826d-4d13-a20a-3df2ec95cf1a.roa
File: fbc260fc-826d-4d13-a20a-3df2ec95cf1a.roa (raw, json)
Hash identifier: aaiATWrNCP8CB60n9hLmgZKKVAMorRj4DpW1jWfxdAc=
Subject key identifier: 31:7F:6C:C2:18:7E:10:A8:1F:16:5C:A3:70:65:3B:6E:F9:32:97:65
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4BE3DB49D88139F223502ED642162B228FD4CA41
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fbc260fc-826d-4d13-a20a-3df2ec95cf1a.roa
Signing time: Tue 05 Aug 2025 20:30:49 +0000
ROA not before: Tue 05 Aug 2025 20:30:49 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 57.95.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:e3:db:49:d8:81:39:f2:23:50:2e:d6:42:16:2b:22:8f:d4:ca:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 5 20:30:49 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=b255a26725b3b19f59b031a58cb14df135cbebfc61c6a71fbefae130ca44bb04, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:2a:d2:4a:f3:e8:8a:c1:99:96:46:6d:97:db:
24:d2:79:de:08:32:32:56:b4:6d:33:50:f0:05:18:
a5:fc:b3:e2:18:fa:e8:c1:8b:ff:72:69:a2:91:b8:
d5:85:15:c1:c7:5f:7c:87:a7:49:82:e9:3f:12:38:
0b:19:03:40:35:ee:9d:bd:14:f2:dd:44:74:2f:8f:
17:98:6b:14:65:3b:d7:86:b6:fc:c8:48:6c:13:93:
36:e3:47:c4:52:64:0f:bf:91:86:61:3e:80:02:1a:
c2:e4:5e:1a:46:f3:02:d9:91:5b:15:e8:26:8a:d6:
7d:4e:aa:ec:68:dd:3c:35:ea:82:49:8c:fd:98:13:
eb:36:59:53:6c:77:9e:f5:52:38:18:e6:82:80:28:
3d:1c:68:36:9c:53:05:2d:bb:1b:bc:2c:1e:29:65:
51:78:46:b0:7e:f5:df:d8:32:28:3b:0b:e3:51:72:
91:6a:a9:98:81:e0:ce:78:d4:a0:59:0b:9c:58:0a:
0c:2b:21:2d:18:e4:2a:db:b5:3d:5f:4e:89:16:c2:
94:f5:61:73:7a:51:e9:63:de:49:3d:22:20:40:02:
5c:b0:7e:17:5a:41:21:6b:f9:bb:a5:0b:21:8b:1b:
04:d1:f7:6f:88:82:79:a4:6b:ab:c3:a8:9d:3b:05:
d3:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:7F:6C:C2:18:7E:10:A8:1F:16:5C:A3:70:65:3B:6E:F9:32:97:65
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fbc260fc-826d-4d13-a20a-3df2ec95cf1a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.95.0.0/16
Signature Algorithm: sha256WithRSAEncryption
50:e5:dd:ec:f7:88:2c:13:be:50:2a:92:78:e0:95:95:56:ec:
68:37:db:52:fb:36:93:9e:39:b2:b3:ce:dc:bf:f2:cd:82:0b:
d7:b6:52:43:00:17:02:ed:25:26:a8:81:34:d5:78:01:2f:56:
ec:52:0f:3f:75:b3:5f:d7:69:d4:d4:80:fc:b5:53:f9:e1:d4:
20:b3:b1:7b:7e:2f:56:a1:85:1f:33:a9:12:57:a7:30:fa:d4:
79:13:63:d9:ca:3a:a1:c7:61:57:94:0e:39:d7:62:d7:d4:ae:
d5:5d:a9:e8:dd:8f:31:b1:ea:24:b1:68:de:ac:77:3d:d4:ee:
02:94:75:1f:90:e3:06:6e:38:25:41:83:47:a5:67:fb:d6:bf:
a2:64:44:b4:98:c3:fc:f9:4a:e5:c6:b7:91:f4:77:9d:d9:62:
14:e1:f8:bd:17:45:2f:12:7c:88:ce:9c:0e:ca:69:15:d2:36:
8c:31:00:0a:aa:f0:cf:21:4e:a7:ad:97:44:88:cf:d6:ba:14:
b6:40:5c:b7:cd:87:f8:a3:6e:7f:f2:20:77:d2:d0:d2:14:07:
7e:45:90:2c:4b:16:34:99:51:85:10:87:3b:23:37:79:dc:1d:
5c:23:72:ad:5e:e8:95:4d:09:46:63:cb:36:0d:2f:19:9a:4f:
94:e7:ff:13
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUS+PbSdiBOfIjUC7WQhYrIo/UykEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDUyMDMwNDlaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGIyNTVhMjY3MjViM2IxOWY1OWIwMzFhNThjYjE0ZGYxMzVjYmViZmM2MWM2
YTcxZmJlZmFlMTMwY2E0NGJiMDQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI8q0krz6IrBmZZGbZfbJNJ53ggyMla0bTNQ8AUYpfyz4hj66MGL/3JpopG4
1YUVwcdffIenSYLpPxI4CxkDQDXunb0U8t1EdC+PF5hrFGU714a2/MhIbBOTNuNH
xFJkD7+RhmE+gAIawuReGkbzAtmRWxXoJorWfU6q7GjdPDXqgkmM/ZgT6zZZU2x3
nvVSOBjmgoAoPRxoNpxTBS27G7wsHillUXhGsH7139gyKDsL41FykWqpmIHgznjU
oFkLnFgKDCshLRjkKtu1PV9OiRbClPVhc3pR6WPeST0iIEACXLB+F1pBIWv5u6UL
IYsbBNH3b4iCeaRrq8OonTsF07UCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQxf2zC
GH4QqB8WXKNwZTtu+TKXZTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmJjMjYwZmMtODI2ZC00ZDEzLWEyMGEtM2RmMmVjOTVjZjFhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADlfMA0G
CSqGSIb3DQEBCwUAA4IBAQBQ5d3s94gsE75QKpJ44JWVVuxoN9tS+zaTnjmys87c
v/LNggvXtlJDABcC7SUmqIE01XgBL1bsUg8/dbNf12nU1ID8tVP54dQgs7F7fi9W
oYUfM6kSV6cw+tR5E2PZyjqhx2FXlA4512LX1K7VXano3Y8xseoksWjerHc91O4C
lHUfkOMGbjglQYNHpWf71r+iZES0mMP8+UrlxreR9Hed2WIU4fi9F0UvEnyIzpwO
ymkV0jaMMQAKqvDPIU6nrZdEiM/WuhS2QFy3zYf4o25/8iB30tDSFAd+RZAsSxY0
mVGFEIc7Izd53B1cI3KtXuiVTQlGY8s2DS8Zmk+U5/8T
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:37:08 2025 by rpki-client